I am building a provisioning system, where other software/app/device/user would connect to it. I want a create a recognition mechanism so that I can identify the thing that is connecting to the system is a valid identity.
Some kind of key, specific to the connecting software. The requirement is that the key should be easily understandable to the provisioning system but difficult to crack for the others.
I can simply create some random characters (key) and provide it to the connecting devices during the registration process, by which they will connect to the provisioning system later on, then there would arise some problems. One is the identity theft, anyone can steal it and can connect to the provisioning system; another one is that someone mischifely can distribute the key. For both the cases the system would fail to verify the legitimacy of the connecting app.
Any suggestion to solve this scenario greatly appreciable.
